W3C home > Mailing lists > Public > public-device-apis@w3.org > May 2010

Re: Sys Info network attributes

From: Brian LeRoux <brian.leroux@nitobi.com>
Date: Fri, 21 May 2010 08:28:35 -0700
Message-ID: <AANLkTily-EOt3H5MveY5z9s0jXLYc5zjIjS_5Tfkgb5h@mail.gmail.com>
To: Doug Turner <dougt@dougt.org>
Cc: Alissa Cooper <acooper@cdt.org>, W3C Device APIs and Policy WG <public-device-apis@w3.org>
You bring up a valuable point Doug and the root of our thinking w/
PhoneGap. The API's we're talking about are often in the context of
installable web apps like Mobile Web Applications and Widgets (though
now Google Chrome is about to blur that line).

Ultimately, I still feel the API to certain data and sensors should be
divorced from the permissions that dictate its use (and perhaps
discoverability). The days of the web being a second class development
platform wane. It is our job to figure out the best ways to keep the
web secure, while remaining accessible, and not at the expense of
limiting the platform.

ALL of these APIs have significant and problematic implications for
privacy. I'm sure everyone here has taken a photo with their phone
they would prefer to keep on the phone let alone share their mac

On Thu, May 20, 2010 at 10:22 PM, Doug Turner <dougt@dougt.org> wrote:
> yup, fair enough.  :-)
> sending a mac address to a site is dangerous as it allows the site to always know who the client is and the client can't do anything about it.
> I think in general that is a bad thing for the people on the web, but maybe widgets have a need for something like this.
> Is any UA seriously considering exposing this API to the web without some sort of notification to the user that the requesting website is requesting something that is more privileged than normal?
> I could imagine the API being useful for some sort of mobile widget that exposes your current network setting, etc.
> Doug
Received on Friday, 21 May 2010 15:34:13 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:53:43 UTC